This topic describes the release notes for Security Center and provides links to the relevant references.
October 2024
Feature | Category | Description | Affected edition | Release date | References |
Container image scan | Feature iteration | GitLab image repository can be scanned. | Ultimate | 2024-10-31 | |
Container | Feature iteration | GitLab image repository is added. | Ultimate | 2024-10-31 | |
Anti-ransomware | Feature iteration | The option to exclude non-local mount path is added to the anti-ransomware policy for servers. | Security Center editions for which the anti-ransomwar feature is enabled | 2024-10-30 | |
Application protection | Feature iteration | Whitelist can be configured to limit access to Runtime Application Self-protection (RASP). | Security Center editions for which the quota for the application protection feature is purchased | 2024-10-30 | |
Cloud Threat Detection and Response (CTDR) | Feature iteration | Alerts generated by Cloud Workload Protect Platform (CWPP) and CTDR are merged onto one page. | All editions | 2024-10-24 | |
Defense against brute-force attacks | Feature iteration | Security Center Advanced edition now supports installing the alinet plug-in to improve the protection effectiveness of the feature. You can also use the cloud dynamic defense model to strengthen the security system. | Advanced | 2024-10-24 | [Notice] Updated Defense Against Brute-force Attacks of Security Center |
Application protection | Feature iteration | The manual access for containers is upgraded, and the custom installation of RASP agent is supported. | Security Center editions for which the quota for the application protection feature is purchased | 2024-10-21 | |
Core file monitoring | Feature iteration | Windows servers can be monitored. | Enterprise and Ultimate | 2024-10-16 | |
Proactive defense for containers | Feature iteration | Limits on container image are added to activate rules for non-image program defense. | Ultimate | 2024-10-16 | |
Log analysis | Feature iteration | Core file monitoring event logs are supported for delivery and storage. | Enterprise and Ultimate | 2024-10-15 | |
Anti-ransomware | Feature iteration | Anti-ransomware for databases now supports backing up data from MySQL 8.0. | Security Center editions for which the anti-ransomwar feature is enabled | 2024-10-11 | |
Agentless detection | Feature iteration | Servers in the China (Chengdu) region are supported for the agentless detection feature. | Security Center editions for which the agentless detection feature is enabled based on the pay-as-you-go billing method | 2024-10-09 |
September 2024
Feature | Category | Description | Affected edition | Release date | References |
Serverless Asset Protection | Feature iteration | Security assessment is supported across the Serverless App Engine (SAE) products. | Security Center editions for which the serverless asset protection feature is enabled by using the pay-as-you-go billing method | 2024-09-30 | |
Asset Exposure Analysis | Feature iteration | ApsaraDB RDS, ApsaraDB for Redis, and ApsaraDB for MongoDB are added to the supported asset types for detection. | Enterprise and Ultimate | 2024-09-27 | |
CTDR | Feature iteration | The attack timeline tab on the security event details page is optimized to include timeline cards that feature alerts and log evidence, as well as the source tracing diagram of the event. This upgrade supports automated tracing of suspicious attack paths. The tracing diagram includes many topics such as alerts, logs, vulnerabilities, baselines, assets, and entities, with options to view detailed information. | Security Center editions for which the CTDR feature is enabled | 2024-09-24 | |
Feature iteration | To enhance the user experience of log management feature of CTDR, Security Center ends the public preview of the cold data storage solution, and unpublishes the solution. | 2024-09-12 | [Notice] Public preview of the cold data storage feature of CTDR ends and the feature is unpublished | ||
Multi-cloud Configuration Management | Feature iteration | The process for adding multi-cloud assets to Security Center is optimized. When an Azure asset is added, the SubscriptionId configuration is no longer required. | All editions | 2024-09-05 |
August 2024
Feature | Category | Description | Affected edition | Release date | References |
CTDR | Feature iteration | New basic orchestration group aliyuncloudOpenAPI is added. | Security Center editions for which the CTDR feature is enabled | 2024-08-30 | |
Feature iteration | Logs of the third-party cloud service providers such as Chaitin WAF and FortiGate Firewall can be added to the CTDR feature. | Security Center editions for which the CTDR feature is enabled | 2024-08-20 | ||
Application protection | Feature iteration | Runtime circuit breaking feature is available. | Security Center editions for which the application protection feature is enabled | 2024-08-19 | |
Configuration assessment | Feature iteration |
| Security Center editions for which the configuration assessment feature is enabled | 2024-08-19 | |
Application protection | Feature iteration | AI-powered analysis of attack alerts and in-memory webshell detection alerts is available to provide detailed explanations and reasoning. | Security Center editions for which the application protection feature is enabled | 2024-08-16 | |
Configuration assessment | Feature iteration |
| All editions | 2024-08-02 | |
Serverless asset protection | Feature iteration |
| All editions | 2024-08-02 | |
Application protection | Feature iteration | A toggle for decompiling Java files is available on the details page of the in-memory webshell detection alerts. | Security Center editions for which the application protection feature is enabled | 2024-08-01 | |
Log analysis | Feature iteration | V2.0 log dictionaries are released and the upgrade from V1.0 log dictionaries to V2.0 is available. | Security Center editions for which the log analysis feature is enabled | 2024-08-01 |
July 2024
Feature | Category | Description | Affected edition | Release date | References |
SDK for malicious file detection | Feature iteration | SDK for malicious file detection can decrypt and check OSS objects that are encrypted by using a server-side encryption method. | Security Center editions for which the SDK for malicious file detection feature is enabled | 2024-07-26 | |
Agentless detection | Feature iteration | Agentless detection enables the snapshot feature and the image check feature. | Security Center editions for which the agentless detection feature is enabled based on the pay-as-you-go billing method | 2024-07-08 | |
CTDR | Feature iteration | SOAR playbook can be copied. | Security Center editions for which the CTDR feature is enabled | 2024-07-03 | |
Core file monitoring | Feature iteration | The best practice document for configuring the core file monitoring feature is added. The document describes the configurations of monitoring rules and provides examples. | Enterprise and Ultimate | 2024-07-01 | Best practices for configuring the core file monitoring feature |
June 2024
Feature | Category | Description | Affected edition | Release date | References |
SDK for malicious file detection | Feature iteration | The results of malicious file detection that is performed by calling API operations are displayed in the list of at-risk files in the Security Center console. | Security Center editions for which the SDK for malicious file detection feature is enabled | 2024-06-28 | |
Malicious file detection logs can be delivered to the Logstore dedicated to Security Center. | |||||
DingTalk chatbots can be added to send notifications. You can receive real-time notifications of detected malicious files in the DingTalk group that you specify. | |||||
Vulnerability management | Feature iteration | The vulnerability management feature can be used to scan servers that use SUSE and Kylin operating systems for vulnerabilities. | All editions | 2024-06-20 | |
Application protection | Feature iteration |
| Security Center editions for which the quota for the application protection feature is purchased | 2024-06-19 | |
CTDR | Feature iteration | EdgeRoutine logs, access logs, and Web Application Firewall (WAF) logs of Dynamic Content Delivery Network (DCDN) can be added to the CTDR feature. The added logs are processed by using threat detection, event handling, Security Orchestration Automation Response (SOAR), and log storage capabilities. | Security Center editions for which the CTDR feature is enabled | 2024-06-19 | |
Baseline check | Feature iteration | Debian 10, Debian 11, Debian 12, and TencentOS Server 3.1 are supported by the baseline check feature. | Advanced, Enterprise, and Ultimate | 2024-06-19 | |
Feature iteration | The maximum size of a weak password file that you can upload is increased to 40 KB. | Advanced, Enterprise, and Ultimate | 2024-06-07 | ||
Installation of the Security Center agent | Feature iteration | Kylin V7 and Red Hat Enterprise Linux (RHEL) 9 are supported for the Security Center agent. | All editions | 2024-06-06 | |
Log analysis | Feature iteration | Agent event logs are supported for delivery and storage. | Security Center editions for which the log analysis feature is enabled | 2024-06-06 |
May 2024
Feature | Category | Description | Affected edition | Release date | References |
Container image scan | Feature iteration | The container image scan feature is supported for the China (Ulanqab) region. | Security Center editions for which the container image scan feature is enabled | 2024-05-31 | |
Container | Feature iteration | The risk detection results of a single image can be exported. | Ultimate | 2024-05-31 | |
Purchase | Feature iteration | When you purchase Security Center by using the subscription billing method, the Protected Servers and Cores parameters can be specified based on your business requirements. After you purchase Security Center, you can manage the quotas. | Anti-virus, Advanced, Enterprise, and Ultimate | 2024-05-30 | |
Alerts | Feature iteration | The Suspicious process - Suspicious command alert is renamed Suspicious process - Suspicious probe command. | Anti-virus, Advanced, Enterprise, and Ultimate | 2024-05-22 | |
Application protection | Feature iteration | The text in the panel for attack alert details is optimized. | Security Center editions for which the application protection feature is purchased | 2024-05-15 | |
SDK for malicious file detection | Feature iteration | The maximum size of a file that can be checked by the SDK for malicious file detection feature is increased from 20 MB to 100 MB. | Security Center editions for which the SDK for malicious file detection feature is purchased | 2024-05-14 | |
Configuration assessment | Feature iteration |
| Security Center editions for which the quota for the configuration assessment feature is purchased or the feature is enabled by using the pay-as-you-go billing method | 2024-05-11 | |
CTDR | Feature iteration | The time picker and filter conditions on the Security Event Handling page are optimized. | Security Center editions for which the CTDR feature is enabled | 2024-05-09 |
April 2024
Feature | Category | Description | Affected edition | Release date | References |
CTDR | Feature iteration |
| Security Center editions for which the CTDR feature is enabled | 2024-04-26 | [Notice] Billing rules of Cloud Threat Detection and Response (CTDR) are changed |
Application protection | New feature | The in-memory webshell prevention feature is added to detect threats that are hidden in memory. | Security Center editions for which the application protection feature is enabled | 2024-04-17 | |
Configuration assessment | Feature iteration | Quick fixing is provided for more than 50 check items. | Security Center editions for which the quota for the configuration assessment feature is purchased or the feature is enabled by using the pay-as-you-go billing method | 2024-04-17 | |
Anti-ransomware (bait capture) | Feature iteration | Linux servers are supported. | Advanced, Enterprise, and Ultimate | 2024-04-17 | |
Baseline check | Feature iteration | The baseline type of Center for Internet Security (CIS) compliance is renamed internationally agreed best practices for security. | Advanced, Enterprise, and Ultimate | 2024-04-11 | |
SDK for malicious file detection | Feature iteration | File packages can be decompressed for malicious file detection. | Security Center editions for which the SDK for malicious file detection feature is enabled | 2024-04-11 | |
CTDR - Log management | New feature |
| Security Center editions for which the CTDR feature is enabled | 2024-04-02 | |
Configuration assessment | Feature iteration | In the Security Center console, Alibaba Cloud accounts on the China site (aliyun.com) can be used to perform checks related to Resource Access Management (RAM) only on assets that reside in regions in China, and Alibaba Cloud accounts on the international site (alibabacloud.com) can be used to perform RAM-related checks only on assets that reside in regions outside China. The historical scan results are retained in the regions of the assets. | Security Center editions for which the quota for the configuration assessment feature is purchased or the feature is enabled by using the pay-as-you-go billing method | 2024-04-01 |
March 2024
Feature | Category | Description | Affected edition | Release date | References |
CTDR | Feature iteration | The threat analysis feature is renamed CTDR. | Security Center editions for which the CTDR feature is enabled | 2024-03-29 | |
Container file protection | Feature iteration | A process whitelist and a file path whitelist can be configured during the creation of a rule for container file protection. | Ultimate | 2024-03-19 | |
SDK for malicious file detection | Feature iteration | Adware, cracking programs, and private game servers can be detected. | Security Center editions for which the SDK for malicious file detection feature is enabled | 2024-03-01 |
February 2024
Feature | Category | Description | Affected edition | Release date | References |
Core file monitoring | Feature iteration | Alert notifications by using DingTalk chatbots are supported for the core file monitoring feature. | Enterprise and Ultimate | 2024-02-23 | |
Baseline check | Feature iteration | Custom weak password rules can be added to existing weak password rules. | Advanced, Enterprise, and Ultimate | 2024-02-22 | |
Application protection | Feature iteration |
| Security Center editions for which the application protection feature is enabled | 2024-02-22 | |
Configuration assessment | Feature iteration | The pay-as-you-go billing method is supported. | All editions | 2024-02-19 | |
Agentless detection | Feature iteration | The agentless detection feature is available for commercial use and is no longer free of charge. If you have enabled this feature free of charge, you can use this feature free of charge until the end of the public preview on March 5, 2024. After the public preview ends, you must enable this feature by using the pay-as-you-go billing method to use this feature. | All editions | 2024-02-02 |
January 2024
Feature | Category | Description | Affected edition | Release date | References |
Security report | Feature iteration | The Security Report page in the Security Center console is optimized. | Advanced, Enterprise, and Ultimate | 2024-01-31 | |
Overview | Feature iteration | The content of the security information module is optimized. | All editions | 2024-01-29 | |
Risk governance | Feature iteration | The risk management module is renamed risk governance. | All editions | 2024-01-26 | None |
Configuration assessment | Feature iteration | If you do not purchase a quota for configuration assessment, 25 check items are provided free of charge. | All editions | 2024-01-19 | |
Vulnerability management | Feature iteration | The Show Only Exploitable Vulnerabilities feature is supported when you select Outside China as the region of the asset that you want to protect. | All editions | 2024-01-05 |
Security Center release notes
For more information about the release notes of Security Center earlier than 2024, see Release notes (earlier than 2024).